Upload
vasco-data-security
View
70
Download
0
Tags:
Embed Size (px)
Citation preview
Increasing Your Mobile Banking Business
Executive summaryWith the potential to create everything from new revenue opportunities, to increased customer acquisition to cost savings, mobile is changing the landscape of banking as we know it. The rollout of foundational mobile services is already yielding tremendous success, and by increasing security while keeping a keen eye on user experience, leading banks and financial services providers can offer more advanced mobile services, which will play a key role in their growth strategies.
By broadening mobile banking offerings, financial institutions will be positioned to increase mobile transactions, shift transactions away from higher-cost channels, and retain and attract more customers.
To be successful with mobile, VASCO understands that banks need to pay close attention to the security of mobile applications and consumers, without creating challenges for the user experience.
2 Increasing Your Mobile Banking Business
Chapter 1The trends
60 %
80 %
95 %Trend 1 Mobile ThreatsHackers and their targeted malware have become an increasing threat to the mobile banking revolution.
Applications continue to top the list of our bad guy’s favorite targets. In fact, research suggests that 80% of successful breaches target the application layer. And with the explosive growth of the mobile channel and user demand for anytime/anywhere access to mobile services, mobile apps are stretching the boundaries of security, and putting them squarely in the crosshairs when it comes to malicious attacks.
Consider that 60% of mobile malware specifically targets financial information on mobile devices, and 95% of the top Android financial apps were hacked in 2014 and you can get a sense for the severity of the problem.
of mobile malwarespecifically targets
financial information on devices
of the top Android finance apps were
hacked in 2014
of successful breaches target the application
layer
See the full infograpic on www.vasco.com/images/vasco_mobilemenace_960.pdf4 Increasing Your Mobile Banking Business
Trend 2Advanced ServicesThe mobile banking landscape is evolving - from basic transactional services (alerts, statements, etc.) to advanced transactional services (fund transfers, bill payment, remote check deposit, P2P payments, etc.)
The next generation of mobile banking is emerging, which includes services such as remote and contactless payments, location-based marketing, mobile and social media integration
Improving the overall customer experience, reducing channel costs, and increasing customer share of wallet are the key objectives driving investments in new mobile services.
Business drivers
Customer demand
Regulatory pressure
Mobile Adoption
Innovation
Efficiency
New source of revenue
Cash replacement
5 Increasing Your Mobile Banking Business
Trend 3 - Transaction to InteractionThe mobile and online trend is also shifting focus from “transaction” to “interaction.”
Customers engage your bank via mobile and online channels on average 27-40 times per month as opposed to visiting a branch 1-2 times per year.
Retail banking channel interactions (projected in 2016)
Role of mobile banking in consumer decision to switch
Extremely important Important
Q2 2010 Q4 2010 Q2 2011 Q4 2011 Q2 2012 Q4 2012 Q2 2013 Q4 2013
7% 13% 7% 15%
26%
18% 17% 16% 31%
10%
30%27%
32%
29%
30%
ATM3-5 times per month
Branch1-2 times per year
Desktop7-10 times per month
Mobile20-30 times per month
Call center5-10 times per month
Trend 4User PreferenceIt’s no surprise that when it comes to your customers, mobile banking capabilities are playing an increasingly important role in primary bank switching decisions.
More than 60 percent of smartphone and tablet users reported that mobile banking capabilities are “important” or “extremely important” in their decision to switch banks.
Source: AlixPartners © March 2014 The Financial Brand
Source: Bank 3.0 by Brett King © September 2014 The Financial Brand
Trend 5New DemographicsAnd as each new generation become more technologically advanced, and capabilities of mobile devices continue to increase, banks must recognize the importance of rapid development and deployment cycles for mobile offerings in response to these new expectations.
Millennials have raised the bar on these requirements. They are much more likely to use mobile banking than older demographics, and more likely to go elsewhere if banks do not offer the mobile services they desire.
By 2017, millennials will have more buying power than any other
demographic.
Consumers who are currently using or considering using mobile banking services
Retired
91%
40%
Boomers
93%
46%
Gen X
91%
60%
Millennials
88%
67%
Online Mobile
Chart Source: PWC UK
Trend 6Cost OptimisationWhile mobile can enable new services and open up new opportunities for customer engagement, which is critical for customer retention, it can also deliver the added benefit of lowering your cost per transaction – from $4.25 for at a physical branch, to $.10 cents for mobile banking.
The potential return on investment for mobile will increase as consumers shift to the faster, more convenient and less expensive mobile channel to pay bills and make deposits.
Estimated cost per transaction by channel
$1.25
ATM
$4.25
In person at a physical
Branch
$.19
Online banking
$.10
Mobilebanking
$1.30
Phoning aCall center
8 Increasing Your Mobile Banking Business
Chapter 2Mobile Banking Best Practices
Barclays Bank
It took 13 years to get two million
customers using Internet banking;
it took just two months to reach
that number for mobile banking.
You need to: Deliver an experience your customers will love Offer more high value services, in a secure manner Stay protected against threats and fraud
So you can: acquire, engage & retain the next generation of customers drive more business, more revenue, and more advantage continue to reduce costs, and keep your brand reputation intact
To reap all the benefits of mobile banking
Traditional Mobile BankingLet’s take a step back for a minute and take a look at the traditional mobile banking experience.
The customer typically logs in to a mobile banking app with a static user ID and password. Complex passwords for login and transaction signing are not appropriate for the new world of mobile banking apps.
These credentials are often difficult to remember, and on a mobile device, entering a user name and password becomes even more difficult, creating a very burdensome experience. Another challenge is the aggressive mobile threat landscape – rootkits, MitM attacks, and Phishing – create a hostile environment for your mobile services.
Situation and risks today
Malware
Man-In-The-Middle Attack
Social engineeringFake Hosts
…
User ID + Static passwordTransaction details
MY BankB Y VA S C O
WelcomeUser ID
Password
Login
5895425697156
************
User ID + One Time password (OTP)Transaction details + Signature (TDS)
MY BankB Y VA S C O
WelcomePlease log in
Login
Secured by
DIGIPASSfor APPS
Secured
Secured
Secured
11 Increasing Your Mobile Banking Business
Two-Factor Authentication
Secure Storage
Transaction Signing
Secure Communications
Geolocation
Jailbreak & RootkitDetection
Device Binding
QR Code Support
PIN Management
Risk-Based Scoring
CrontoSign Support
Integration withBiometrics
Runtime ApplicationSelf-Protection
VASCO Solution: DIGIPASS® for AppsDIGIPASS for Apps is part of VASCO’s fraud protection portfolio.
On it’s own, through comprehensive and unified security, including built-in risk scoring, or in combination with our server-side anti-fraud platforms like IDENTIKEY Risk Manager, DIGIPASS for Apps can strengthen your defense against fraud and reduce associated cost of fraudulent activities.
Further, DIGIPASS for Apps can be used to reduce cost of operations, for example Secure PIN Delivery which eliminates the cost of expensive PIN mailers.
DIGIPASSfor APPS
DIGIPASS for Apps is a unique single framework that give
developers all the necessary building blocks required to secure their
mobile applications.12 Increasing Your Mobile Banking Business
Mobile Banking with VASCOVASCO’s DIGIPASS for Apps unifies security across all components of your mobile applications, with a single integration.It is designed to improve the user experience, and innovative authentication options that increase both security and convenience, for example secure and simple biometrics or PIN rather than a user name and password.
It also increases the trust level across all areas of mobile banking – user, device and application, eliminating threats to your mobile banking platform.
Malware
Man-In-The-Middle Attack
Social engineeringFake Hosts
…
User ID + Static passwordTransaction details
MY BankB Y VA S C O
WelcomeUser ID
Password
Login
5895425697156
************
User ID + One Time password (OTP)Transaction details + Signature (TDS)
MY BankB Y VA S C O
WelcomePlease log in
Login
Secured by
DIGIPASSfor APPS
Secured
Secured
Secured
A new Mobile Banking Experience
13 Increasing Your Mobile Banking Business
Mobile security cap - Traditional Mobile Banking & Mobile banking with DIGIPASS for Apps
Balance checking
Limited funds transfers
Intra-account funds transfers
P2P payments
Credit requests
Secu
rity
Traditional mobile banking Mobile banking with VASCO
Services
ATM cash withdrawal
Securities portfolio management
Account opening
Unlimited funds transfers
Advanced Mobile Services Require Advanced ProtectionDIGIPASS for Apps enables your Mobile First strategy. By elevating trust and improving user experience, you can securely offer more services via mobile, and improve capabilities and user experience for your other banking channels in the process.
While traditional bankings apps only support services requiring a low level of security, like balance checking, limited funds transfers and intra-account funds transfers,a Mobile banking app with DIGIPASS for Apps can cover a wide variety of services such as unlimited funds transfers, account opening, securities portfolio, management, ATM cash withdrawal, credit requests, P2P payments, and many more.
14 Increasing Your Mobile Banking Business
A User Experience They’ll LoveAn intuitive, unobtrusive user experience is key to success.
DIGIPASS for Apps offers the most innovative and convenient solutions for mobile, including ‘what you see is what you sign’ and Bluetooth-enabled technologies. Users will love the simple experience, the instant access, and the ability to do more than ever with their mobile devices.
DIGIPASS for Apps makes your mobile app more user friendly, because a simple PIN can now be used to securely login.
Dependent on the situation, you can also enable your user to login without second factor (no PIN, no Password), for certain services (i.e. check balance), or the user can choose to use fingerprint instead of a PIN.
15 Increasing Your Mobile Banking Business
Chapter 3Use cases
Pay by MobilePaySend Cash
Mobile CashThe customer simply opens their banking app, enters their PIN, and selects the account and the amount of withdrawal. A secure QR code is generated, containing the details of the transaction.
The customer touches the ATM and scans the QR code from their device to the ATM. Once the user confirms their request via a mobile PIN, the ATM dispenses cash. P2P Payments
Person to Person payments allow individuals to send and receive cash to each other via a mobile banking application.
To initiate, a user opens their mobile banking app and selects the option to send cash to another individual.
A secure QR code is generated from the banking app, and the user receiving cash scans the code using his own mobile banking app. The cash is then sent directly from one individual account into the other.
Mobile PaymentsMaking a purchase at your favorite online shop, and use your mobile device to pay. In the checkout window, a secure QR code will appear, holding information about the transaction.
Using your mobile banking app, you select “pay by MobilePay”, you scan the QR code and receive the details of the transaction in your banking app for confirmation.
Accept and confirm the details on your mobile device to complete the purchase.
17 Increasing Your Mobile Banking Business
Proven Technology, Proven ResultsNew customer acquisition, customer satisfaction, new revenue streams and stronger competitive advantage are dependent on your ability to deliver more mobile banking services. This is contingent on your ability to deliver a high level of trust for your apps, combined with a seamless customer experience. VASCO can help you tick all the boxes. We make it simple for both your developers and users. We deliver the strongest and most comprehensive levels of security for your m-banking applications. And we do it in a way that’s cost effective.
VASCO already secures some of the world’s most widely used mobile banking applications. Our customers have mobile banking applications that are consistently rated a top apps and our solutions are award winning.
18 Increasing Your Mobile Banking Business
Contact usFor more information please visit
www.vasco.com/mobilebanking
or contact us through one of the following methods:
www.vasco.com/contact
facebook.com/digipassbyvascofacebook.com/mydigipass
twitter.com/VASCODataNewstwitter.com/mydigipassdevs
Stay up to speed with what is happening in the world of
online security:follow us on blog.vasco.com